Firefox Developer Edition 38: 64-bits and more - 2015-03-03 - In celebration of the 10th anniversary of Firefox, we unveiled Firefox Developer Edition, the first browser created specifically for developers. At that time, we also...

64-bit Security

A hacker known as w3bd3vil posted a message on Twitter a couple of days ago claiming that he found a vulnerability in the 64-bit version of Windows 7 that could be taken advantage of using Apple’s popular web browser Safari.

“<iframe height='18082563'></iframe> causes a BSoD on win 7 x64 via Safari. Lol!” said the hacker in a tweet.

In a later tweet he provides further explanations, stating that the NtGdiDrawStream which is called multiple times is causing a “not so interesting crash.”

Researchers from Secunia confirm the accuracy of the hacker’s findings, reporting that the flaw can be utilized by a hacker to take over a machine.

“The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large 'height' attribute viewed using the Apple Safari browser. Successful exploitation may allow execution of arbitrary code with kernel-mode privileges,” reads Secunia’s report.